CVE-2023-43757

MEDIUM

ELECOM Multiple Router Firmware - Inadequate Encryption Strength in Wireless LAN Communication

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-43757. PoCs published by sharmashreejaa.

AI-analyzed exploit summary The repository contains only a README.md file with the CVE identifier and no additional technical details or exploit code. It is a placeholder with minimal content.

Description

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section.

Exploits (1)

nomisec STUB
by sharmashreejaa · poc
https://github.com/sharmashreejaa/CVE-2023-43757

The repository contains only a README.md file with the CVE identifier and no additional technical details or exploit code. It is a placeholder with minimal content.

Classification
Stub 100%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: unknown
No auth needed
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 6.5
EPSS 0.0050
EPSS Percentile 38.4%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-326
Status published
Products (34)
elecom/lan-w300n\/p_firmware
elecom/lan-w300n\/rs_firmware
elecom/lan-w301nr_firmware
elecom/lan-wh300n\/dgp_firmware
elecom/lan-wh300ndgpe_firmware
elecom/wrc-1167ghbk2_firmware
elecom/wrc-1167ghbk_firmware
elecom/wrc-1750ghbk-e_firmware
elecom/wrc-1750ghbk2-i_firmware
elecom/wrc-1750ghbk_firmware
... and 24 more
Published Nov 16, 2023
Tracked Since Feb 18, 2026